User guide
456
pmp-0229 (Mar 2013)
Using RADIUS for centralized AP and SM user
name and password management
Configuring a RADIUS server
Figure 156 User Authentication tab of the AP
Table 67: AP User Authentication attributes
Attribute Meaning
User Authentication Mode
•
Local: The local SM is checked for accounts. No centralized
RADIUS
accounting (access control)
is
performed.
•
Remote: Authentication by the centralized RADIUS server
is
required to gain access to the AP. For up to
2
minutes a test
pattern will be displayed until the server responds
or
times
out.
•
Remote then Local: Authentication using the centralized
RADIUS
server is attempted. If the server sends a reject
message, then
the
setting of Allow Local Login after Reject
from AAA determines
if
the local user database is checked or
not. If the configured
servers
do
not respond within 2 minutes,
then the local user database
is
used. The successful login method
is displayed in the
navigation
column of the AP.
Auth Method
The user authentication method employed by the radios is EAP-
MD5.
Allow Local Login after
Reject from AAA
If a user authentication is rejected from the AAA server, the user
will be allowed to login locally to the radio’s management
interface.
Device Access Tracking
To track logon and logoff times on individual radios by technicians,
installers, and administrators, set this parameter to Enabled.
Radius Accounting Port
The destination port on the AAA server used for Radius accounting
communication.